Automated Log Management and Analysis using Splunk for Computer Incident Investigations

Splunk - I define “Log Analysis” as a process of collecting system logs (syslog) and event data from computer systems, network devices and applications to look for anomalous events that are malicious or are in violation of organizational policies.

Personal Security on Social Networking Sites

Visits to social networking sites account for more than 10% of the total time people spend on the Internet, according to Nielsen Online. A social network site focuses on building online communities of people who share common interests and activities, such as Linkedin.com and Facebook.com. Facebook is now the most visited social networking site on the Internet, with nearly 1.2 billion visits in January 2009 alone, while Twitter and LinkedIn are steadily gaining ground.

Microsoft Security Bulletin Summary for July 2010

This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if a user views a specially crafted Web page using a Web browser or clicks a specially crafted link in an e-mail message. The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must click a link listed within an e-mail message.

Microsoft’s Next Move for Windows – Samara Lynn

Microsoft has bounced back into good graces after Windows Vista with the latest release of its operating system, Windows 7. Many Windows users have adopted Windows 7, either upgrading from Windows XP or scrapping Vista. In an interesting PC Mag article titled “Will Windows 8 Be A Business-Only OS?”, Samara Lynn discusses Microsoft’s potential next move.

Internal IT Security Threat

Security administrators should apply the “Defense in Depth” security model when it comes to protecting the network. This means network firewalls, IDS, HIDS, host-based firewalls, patch management, security policies and vulnerability scanning.

Black Hat USA 2010

Black Hat USA 2010 is the technical security event where members of the security industry gather to learn about cutting-edge research that addresses the challenges facing today’s senior-level IT professionals. This year’s event will be hosted at Caesars Palace in Las Vegas, Nevada, July 24-29, offering over 70 multi-day training sessions, 32 live tool demonstrations in the new Black Hat Arsenal, and 100+ sessions of presentations from the security industry elite. To learn more and register for the event, visit www.blackhat.com.